Mayastor, Velero, Rancher improved, Local storage

2023-09-11 18:38:28 +02:00 · 2023-09-11 18:38:28 +02:00 · 0fcc97a6d0
parent 53c5c1f17e
commit 0fcc97a6d0
6 changed files with 78 additions and 18 deletions
--- a/README.md
+++ b/README.md
@ -10,7 +10,17 @@ git  clone  --recurse-submodules  git@git.snel.com:snelcom-ansible/snel.ansible.

 ## Install on macOS
 ```zsh
-brew  install  ansible  ansible-lint  packer  jq  siderolabs/talos/talosctl  kubernetes-cli  helm  bitwarden-cli
+brew  install  \
+  ansible \
+  ansible-lint \
+  packer \
+  jq \
+  siderolabs/talos/talosctl \
+  kubernetes-cli \
+  helm \
+  bitwarden-cli \
+  velero
+helm  plugin  install  https://github.com/databus23/helm-diff  
 bw  config  server  'https://pw.snel.com/'
 python3  -m pip  install  --upgrade  --requirement  ./requirements.txt
 ansible-galaxy  install  --force  --role-file  ./requirements.yml
@ -20,11 +30,13 @@ source ~/.zshrc
 ```

 ## Use
-### Login on Vaultwarden:
+### First time: Login on Vaultwarden:
 ```zsh
 bw  login
 ```
+
 ### Execute playbook
 ```zsh
+export BW_SESSION=$(bw unlock --raw) && \
 ansible-playbook  site.yml  --limit customer_deovero
 ```
--- a/configs/talos/talos-patch.yaml
+++ b/configs/talos/talos-patch.yaml
@ -4,19 +4,20 @@ machine:
    extraArgs:
      rotate-server-certificates: true
    extraMounts:
-      - destination: /var/storage
+      - destination: /var/local
        type: bind
-        source: /var/storage
+        source: /var/local
        options:
          - bind
          - rshared
          - rw
  sysctls:
-    vm.nr_hugepages: 1024
+    # https://www.talos.dev/v1.5/kubernetes-guides/configuration/storage/
+    vm.nr_hugepages: "1024"
    # https://github.com/siderolabs/talos/issues/4654#issuecomment-1025125034
-    vm.max_map_count: 262144
-    vm.overcommit_memory: 1
-    vm.swappiness: 1
+    vm.max_map_count: "262144"
+    vm.overcommit_memory: "1"
+    vm.swappiness: "1"
  install:
    extensions:
      - image: ghcr.io/siderolabs/iscsi-tools:v0.1.4
--- a/inventory/group_vars/customer_deovero.yml
+++ b/inventory/group_vars/customer_deovero.yml
@ -0,0 +1,17 @@
+---
+velero_s3_access_key_id: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  66383464636530323164316130343739326666386366306136613735623339616534316437653834
+  3439316330613635353365313233623135373231383530360a346633353866363761653361636635
+  38336239353864376361376330646663383732303931643332386633636139343131643836663763
+  3936366230633033660a663037613461663963383834396532663232316539333966616436636565
+  38333133613238316432376134636366323631313365623162623235306463343565
+
+velero_s3_secret_access_key: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  65396337666437326265353433656566653730323432326262353962303933613030333839336566
+  3336333533396333646566336130623930646532616430320a376630326135396639333665316636
+  30646436663565353435663730633539323134633062636133633332613565646630356461303063
+  3966653732666232390a616336623630633239303161373764363664316338653362303062353766
+  65326237363238333961633730363362323862313563333161323866663430643263386437393931
+  3465343837643236326561633631393830313264326632633435
--- a/inventory/group_vars/talos.yml
+++ b/inventory/group_vars/talos.yml
@ -1,10 +1,2 @@
 ---
-talos_generic_config_dir: "{{ ansible_root_dir }}/configs/talos"
-talos_cluster_config_dir: "{{ ansible_root_dir }}/configs/{{ cluster_name }}"
-talos_cluster_secrets_file: "{{ talos_cluster_config_dir }}/talos-secrets.yaml"
-talos_control_lb_hostname: "control.{{ cluster_name }}"
-talos_node_config_file: "{{ talos_cluster_config_dir }}/talos-{{ inventory_hostname }}.yaml"
-talosconfig: "{{ talos_cluster_config_dir }}/talosconfig.yaml"
-kubeconfig: "{{ talos_cluster_config_dir }}/kubeconfig.yaml"
-talos_image_version: v1.4.7
-talos_version: v1.5.1
+# See  playbooks/snel.kubernetes-cluster/roles/common/defaults/main.yml  for playbook defaults
--- a/playbooks/snel.kubernetes-cluster
+++ b/playbooks/snel.kubernetes-cluster
@ -1 +1 @@
-Subproject commit ce228aad70dc39c275a9593ada7e52796ea82173
+Subproject commit d19eb2678cb0429c103ef615eb1c5020c3f30020
--- a/test/storage-test.yaml
+++ b/test/storage-test.yaml
@ -0,0 +1,38 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: storage-test
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: storage-pvc
+  namespace: storage-test
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 500Mi
+---
+kind: Pod
+apiVersion: v1
+metadata:
+  name: ubuntu-pod
+  namespace: storage-test
+spec:
+  volumes:
+    - name: storage-vol
+      persistentVolumeClaim:
+        claimName: storage-pvc
+  containers:
+    - name: ubuntu
+      image: ubuntu:latest
+      command: [ "/bin/bash", "-c", "--" ]
+      args: [ "while true; do sleep 30; done;" ]
+      volumeMounts:
+        - mountPath: /volume
+          name: storage-vol
+
+#  kubectl exec  -n storage-test  ubuntu-pod  -it  --  bash